SUBSCRIBE:

The "this is not a guide" to online privacy

In response to an article by The Guardian offering nine pieces of advice to stay secure online, one of which dictated covering your house with a few layers of aluminium, a skeptical Privacy International writer drew up their own take on protecting your digital privacy.

Everyone wants to know what you need to do to be i) happy, ii) fit, iii) secure. And the easier and more list-y it is, the better.

The Guardian recently published an article that left PI's techies sceptical, to say the least. “Extreme online security measures to protect your digital privacy – a guide” offered nine pieces of advice to stay secure online, including covering your house with a few layers of aluminium (!!!).

While there is no one-solution-fits-all when it comes to security and certainly no app or operating system that will make you secure the moment you download it, there are things you can do to protect your privacy. Without further ado, here are our seven moderate online security measures to protect your digital privacy.

1. Fight for your rights

For all the fancy tools you can download, nothing will protect you as well as a strong legal framework and very demanding consumers and citizens. With the Investigatory Powers Bill currently debated at the House of Lords, we in the UK, have many reasons to be concerned: ISPs and mobile network providers will be expected to keep a record of our internet traffic for 12 months, mass surveillance of communication's data will become legal, and both intelligence services and the police will have the right to hack into your devices. And while the IP Bill is unprecedented in the access it grants intelligence services, surveillance laws are being passed all over the world. From the Interception of Postal Packets and Telecommunication Messages Bill in Ghana, to the Prevention of Electronic Crimes Bill in Pakistan and the Digital Economy Bill in Thailand, be prepared to see a bill affecting your right to privacy coming up near you very soon. So before you wrap your house in tinfoil, stand up for your rights.

Be a demanding consumer – ask why your devices are insecure, demand the use of encryption, question companies and governments on why they demand our data, what they do with it, when do they delete it, and what, beyond the bumf in privacy policies, do they really do to fight for us?

2. Threat models matter

There is no one-solution-fits-all when it comes to security. There is no point handing Band-Aids to someone who is having a kidney failure, so before you download the latest 'secure' software, ask yourself the right questions: what are you trying to achieve? What do you need to protect and who do you need to protect it from?

Once you have defined your threat model, find the application that works for you and that mitigates the risks you have identified.

3. There are (not extreme) measures we should take

It's not as exciting as covering your home in tinfoil but there are simple things everyone should do: use a password manager to ensure you create strong passwords and to ensure you never use the same password more than once, never download an attached file that you were not expecting, and avoid clicking the “remind me later” button when your software tells you it needs to be updated.

4. Zero risk does not exist

You can never be 100% secure online. That's why we talk about risk mitigation and not perfect security. If you have extremely sensitive information, keep it offline. Stay off the telephone to have a secure conversation. Don't be seduced by the app of the day; for sensitive conversations, go analogue.

5. VPNs will not save you

The author of the article suggests VPNs (virtual private network) will allow you to browse the web incognito. But let's be clear about what VPNs do and don't do. VPNs allow you to surf the internet from an assumed location. They're great if you want to watch content you can't access in your country, or to conceal your ISP from hackers or government spies. But your VPN provider will still be able to see everything you are doing so effectively you only move from your ISP watching you to your VPN provider watching you. Incognito? Not really.

You also need to look at the legislation of the country your VPN provider is. In the UK for instance, there are data protection laws that protect you and that your ISP has to comply with. If you pick a VPN provider in a country without a strong legal framework you may be doing yourself more harm than good.

6. Stop worrying about Windows

“Don't use Windows” warns the Guardian. Why though? An Apple computer can be just as dangerous as a Windows machine, and as long as you keep all your software updated there is nothing inherently wrong about Windows. In fact, most malware come from people clicking on malicious links, not the security of the operating system. When it comes to security most mistakes come from the users' actions (or inactions) and threats that have not been identified, rather than the technology letting the user down.

7. Keep your friends close and corporations closer

Fight for your rights – your consumer rights. When you are paying money every month to your ISP and mobile network provider, or putting your data into the hands of social network sites and search engines, you should expect them to treat you decently. They should protect you and your rights.

More and more companies are publishing transparency reports where they publically reveal the amount of data they share with governments all over the world. The demands for privacy have also meant that companies like Apple are now offering encryption by default. If you're in the UK you can join us in asking your mobile network providers to oppose police hacking.

For us, the perfect world is where your data is yours for you to control and determine how it is used. This should be the default situation for all people, everywhere. Privacy and security by default is the only way forward for the future to make any sense.

New technologies continue to present great risks and opportunities for humanitarian action. To ensure that their use does not result in any harm, humanitarian organisations must develop and implement appropriate data protection standards, including robust risk assessments.

Laws passed since Vladimir Putin's return to the presidency in May 2012 have dramatically strengthened the Russian authorities’ control over the flow of information online and offline. Much of this crackdown has been fuelled by Russia’s foreign policy, in particular its role in the conflict in neighbouring Ukraine and its armed intervention in Syria.

The Cyber Harassment Helpline was launched after the successful completion of the Hamara Internet (translates as “Our Internet”) project, and based on its findings in the “Measuring Pakistani Women's Experience of Online Violence” report

While AI impacts a plethora of rights, ARTICLE 19 and Privacy International are particularly concerned about the impact it will have on the right to privacy and the right to freedom of expression and information.

Based on extensive interviews with writers, poets, artists, activists, and others personally affected by the government’s grip on online expression, as well as interviews with anonymous employees at Chinese social media companies, the report lays bare the destructive impact of the Chinese government’s vision of “cyber sovereignty” on netizens who dare to dissent.

The general trend over the past 10 years has been bleak, with an overall negative trajectory for press freedom. The major turning point was the election of Xi Jinping as General Secretary of the Communist Party of China in 2012 and President of China in 2013.

Pakistan has been slow to recognize that violence, threats and harassment faced online by journalists reflects the violence they are exposed to offline. A nationwide survey of working journalists was conducted to ascertain their level of digital insecurity, to record their experiences and the protections they desired from the journalist community, their media organizations, and the government.

Internet Landscape of Pakistan is an indigenous effort to regularly monitor and document the ongoing trends and challenges that impact digital and human rights in the country. This is the third edition in the series.

The report examines the rise of fraudulent news, defined here as demonstrably false information that is being presented as a factual news report with the intention to deceive the public, and the related erosion of public faith in traditional journalism. The report identifies proposed solutions at the intersection of technology, journalism, and civil society to empower news consumers with better skills and tools to help them process the torrents of information they see online.

The lack of a comprehensive legal framework for privacy rights and data protection in Lebanon has led to the adoption of illegal mass surveillance programs and to the violation of individual and collective privacy without repercussions

IFEX publishes original and member-produced free expression news and reports. Some member content has been edited by IFEX. We invite you to contact [email protected] to request permission to reproduce or republish in whole or in part content from this site.

Get more stories like this

Sign up for our newsletters and get the most important free expression news delivered to your inbox.